
📦 Publish to npm #144


Workflow file for this run

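# Manually dispatched release workflow for @socketsecurity/lib. The single job
# has no steps of its own: it calls a reusable workflow and supplies its
# inputs, the token permissions it may use, and one forwarded secret.
name: 📦 Publish to npm
# Dependencies:
# - SocketDev/socket-registry/.github/workflows/provenance.yml
on:
  workflow_dispatch:
    inputs:
      dry-run:
        description: 'Dry run (default: true)'
        required: false
        # Defaults to true, so a dispatch that leaves the box untouched asks
        # for a dry run. How the flag is honoured is decided by the called
        # workflow and the publish script — confirm there.
        default: true
        type: boolean
      debug:
        description: 'Enable debug output'
        required: false
        default: '0'
        # `options` only takes effect on a `choice` input. Declared as
        # `string`, the list was ignored and any free-form text could be
        # dispatched and forwarded to the called workflow; `choice` limits
        # the value to the entries below and still delivers it as a string.
        type: choice
        options:
          - '0'
          - '1'
# Workflow-level grant. For a reusable-workflow call this is the ceiling for
# the called workflow's GITHUB_TOKEN, so keep it to what publishing needs.
permissions:
  contents: write  # Push git tags and create GitHub releases
  id-token: write  # NPM trusted publishing via OIDC
jobs:
  publish:
    # Pinned to a full commit SHA rather than a branch or tag, so the called
    # workflow only changes when this line is edited. The trailing comment
    # records where the SHA was taken from; re-check it against the upstream
    # repository whenever the pin is bumped.
    uses: SocketDev/socket-registry/.github/workflows/provenance.yml@3ee41c620baed62f610b3cffe64e3fda68bcbb8d # main (2026-05-26)
    with:
      debug: ${{ inputs.debug }}
      dry-run: ${{ inputs.dry-run }}
      # Direct publish (no staging). The `pnpm stage publish` path 403s on
      # this package even with a correctly configured trusted publisher +
      # npm-publish environment — server-side stage-token scope issue still
      # under investigation. `npm publish` via OIDC works (v6.0.1 shipped
      # this way), so publish directly until staged publish is unblocked.
      publish-script: 'node scripts/publish.mts --direct'
      package-name: '@socketsecurity/lib'
      setup-script: 'pnpm run build'
      # NOTE(review): presumably selects OIDC trusted publishing instead of a
      # long-lived npm token — confirm against provenance.yml.
      use-trusted-publishing: true
    # Forward the one named secret explicitly instead of `secrets: inherit`,
    # so the called workflow receives no other repository secrets.
    secrets:
      SOCKET_API_TOKEN: ${{ secrets.SOCKET_API_TOKEN }}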